cvelist/2021/35xxx/CVE-2021-35116.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com", 
      "ID": "CVE-2021-35116", 
      "STATE": "PUBLIC"
   }, 
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables", 
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "APQ8009, APQ8009W, APQ8096AU, AQT1000, CSRB31024, MDM9607, MDM9626, MDM9628, MDM9640, MSM8909W, MSM8937, MSM8996AU, PM8937, QCA6174A, QCA6310, QCA6320, QCA6390, QCA6391, QCA6420, QCA6430, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA9377, QCM2290, QCM4290, QCM6490, QCS2290, QCS4290, QCS603, QCS605, QCS6490, SA415M, SA6155, SA6155P, SA8155, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD429, SD460, SD480, SD660, SD662, SD665, SD675, SD678, SD680, SD690 5G, SD695, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD820, SD835, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM429W, SDW2500, SDX12, SDX50M, SDX55, SDX55M, SDX65, SM4125, SM6250, SM7250P, SM7315, SM7325P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835"
                              }
                           ]
                        }
                     }
                  ]
               }, 
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   }, 
   "data_format": "MITRE", 
   "data_type": "CVE", 
   "data_version": "4.0", 
   "description": {
      "description_data": [
         {
            "lang": "eng", 
            "value": "APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"
         }
      ]
   }, 
   "impact": {
      "cvss": {
         "baseScore": 7.7, 
         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", 
         "version": "3.1"
      }
   }, 
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng", 
                  "value": "Improper Input Validation in Neural Networks"
               }
            ]
         }
      ]
   }, 
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin", 
            "refsource": "CONFIRM", 
            "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
         }
      ]
   }
}